kafka-security-playbook icon indicating copy to clipboard operation
kafka-security-playbook copied to clipboard

Published 20 hours ago verified publisher icon Dabz

Kafkacat fails in TLS example

Open kamir opened this issue 5 years ago • 2 comments

Using the TLS demo works as expected. I can bring up the cluster and use the produce and consume example as recommended at the end in the script named up.

[OK] -> docker-compose exec kafka kafka-console-producer --broker-list kafka.confluent.local:9093 --topic test --producer.config /etc/kafka/consumer.properties [OK] -> docker-compose exec kafka kafka-console-consumer --bootstrap-server kafka.confluent.local:9093 --topic test --consumer.config /etc/kafka/consumer.properties --from-beginning

[FAILE] -> docker-compose exec kafka kafkacat -L -b kafka.confluent.local:9093 -F /etc/kafka/kafkacat.conf -C -t test

This is the error message: kafkacat: error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory

kamir avatar Nov 13 '19 10:11 kamir

Debugging the issue:

(1) I looks like configuration issue in libssl libraries.

(2) docker-compose exec kafka yum info openssl
Last metadata expiration check: 0:34:03 ago on Wed Nov 13 10:16:53 2019. Available Packages Name : openssl Epoch : 1 Version : 1.1.1 Release : 8.el8 Arch : i686 Size : 677 k Source : openssl-1.1.1-8.el8.src.rpm Repo : BaseOS Summary : Utilities from the general purpose cryptography library with TLS implementation URL : http://www.openssl.org/ License : OpenSSL Description : The OpenSSL toolkit provides support for secure communications between : machines. OpenSSL includes a certificate management tool and shared : libraries which provide various cryptographic algorithms and : protocols.

Name : openssl Epoch : 1 Version : 1.1.1 Release : 8.el8 Arch : x86_64 Size : 664 k Source : openssl-1.1.1-8.el8.src.rpm Repo : BaseOS Summary : Utilities from the general purpose cryptography library with TLS implementation URL : http://www.openssl.org/ License : OpenSSL Description : The OpenSSL toolkit provides support for secure communications between : machines. OpenSSL includes a certificate management tool and shared : libraries which provide various cryptographic algorithms and : protocols.

kamir avatar Nov 13 '19 10:11 kamir

Solution: The Dockerfile for Kafka image contains:

FROM centos

which means, the system pulls the latest CentOS (version 8) image.

Using

FROM centos:centos7

solved the problem.

kamir avatar Nov 13 '19 13:11 kamir